Microsoft Entra ID
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. The feature is expected to reach general availability by mid-June 2026 and will also extend passwordless sign-in to unmanaged Windows devices. Microsoft says that Entra passkeys on Windows will support corporate, personal, and shared devices, […]
Microsoft to secure Entra ID sign-ins from script injection attacks
Microsoft plans to enhance the security of the Entra ID authentication system against external script injection attacks starting in mid-to-late October 2026. This update will implement a strengthened Content Security Policy that allows script downloads only from Microsoft-trusted content delivery network domains and inline script execution only from Microsoft-trusted sources during sign-ins. After rollout, it […]
HP pulls update that broke Microsoft Entra ID auth on some AI PCs
HP has pulled an HP OneAgent software update for Windows 11 that mistakenly deleted Microsoft certificates required for some organizations to log in to Microsoft Entra ID, disconnecting them from their company’s cloud environments. The bug was discovered by Patch My PC’s Rudy Ooms, who traced it to a silent, background update deployed by HP to its AI PC devices. […]
Microsoft Entra ID flaw allowed hijacking any company’s tenant
A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. The fatal mix included undocumented tokens called “actor tokens” and a vulnerability in the Azure AD Graph API (CVE-2025-55241) that allowed the tokens to work with any organization’s Entra ID environment. A […]
Storm-0501 hackers shift to ransomware attacks in the cloud
Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to focusing on cloud-based encryption, data theft, and extortion. The hackers now abuse native cloud features to exfiltrate data, wipe backups, and destroy storage accounts, thereby applying pressure and extorting victims without deploying traditional ransomware encryption […]
New downgrade attack can bypass FIDO auth in Microsoft Entra ID
Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and session hijacking. These weaker login channels are vulnerable to adversary-in-the-middle phishing attacks that employ tools like Evilginx, enabling attackers to snatch valid session cookies and hijack the accounts. […]
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. The campaign started last December and has successfully hijacked multiple accounts, say researchers at cybersecurity company Proofpoint, who attribute the activity to a threat actor called UNK_SneakyStrike. According to the researchers, the peak of […]
Microsoft fixes Entra ID authentication issue caused by DNS change
Microsoft has fixed an issue that caused Entra ID DNS authentication failures when using the company’s Seamless SSO and Microsoft Entra Connect Sync. In an update to its Azure status page, Microsoft says these problems were caused by a recent DNS change that triggered DNS resolution failures for the autologon.microsoftazuread.sso.com domain when customers tried to […]
Microsoft: Hackers steal emails in device code phishing attacks
An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in the government, NGO, IT services and technology, defense, telecommunications, health, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East. Microsoft Threat Intelligence Center tracks the threat […]